Just give me all your PII, and Ill do it for you for the small fee of your full bank account! Easy.

-

On a serious note - there needs to be an easier way to remove any and all PII from across the web, period.

It should be illegal for ANY site to harvest PII and host it for ransom (credit/social credit site, for example should be fully illegal)

Also, with "relevant prompt" -- how can I use my own account to test to see if I have PII in the system?

Do I just need to attempt to prompt for my own PII to check?

How do you prompt to check for your own PII without ADDING PII into the system via your testing prompts?

The only plausible solution I can think of that doesnt change the way the web operates is to force all PII to be opt-in instead of opt-out

Isn't it already? If someone asks for PII you can just stop using the service.

I think it's important to note here that there are many public, government run services that collect and sell information that are incredibly hard to "just stop using the service".

This includes things like:

- owning a car, or just having a drivers license: https://www.privateinternetaccess.com/blog/dmvs-are-making-a...

- having a credit history (credit bureaus can sell by default to third parties like financial institutions, not even accounting for the equifax breach)

- buying a home (public record)

- going to court (public record)

- entering the vast majority of grocery stores with cameras

- owning a cell phone that is turned on at some point (cell towers store information on which phone numbers are connecting to them, giving rough location history)

- Messaging anybody on virtually any service without extreme precautions (even e2e apps will store who is talking to who, which can create detailed social maps)

There is the option to opt-out by living in the woods without any modern technology, but I think it's worth noting that in general, especially for anybody with a HackerNews account viewing this page, that it is not trivial to avoid having your personal data collected (and possibly sold) on a continuous basis.

We need a consortium of AI, ML diggers who can unwrap exactly how PII is being tendrically used against us and add awareness.

Recall that guy who wrote a thesis on the actual fiber-optic lines laid throughout the world and the USG seized his thesis as a matter of national security...

We need the same thing built for PII vs AI access to such information.

but starting with available PII. Regardless of the fact that the state says "public record" public recod should be fucking reigned in.

That feels dark pattern adjacent to me. It's tone deaf to think information someone gives you as part of using a service they want from you means they are okay with that information being shared with other parties in a manner completely unrelated to the service provided.

Sharing sensitive information once, or even a hundred times, should not constitute a presumed consent to opt-in to that information being shared again or data mined.

That doesn't cover PII obtained without your involvement, though.

You don't need to have an account with google for them to collect your personal data. Facebook keeps and updates profiles on people who have never had accounts and never used the website.

Can't be a worse idea than Facebook asking for nudes so it can protect you from revenge porn

So they are requiring users to agree to their TOS before allowing these users to submit removal requests? That can't be legal.

Worse, this is hosted by hsforms.com (Hubspot Forms) which, by itself, collects a huge amount of data (e.g. IP address enrichment). Just this simple form needs its own privacy policy given that it's hosted by Hubspot's Marketing / lead form product.

If your name is John Smith and you want your pii removed the filter can't just handle any occurrence of J Smith, it needs to be scoped to a particular Smith and to do that the context of the prompt is helpful/needed.